Path Traversal Vulnerability in CA Unified Infrastructure Management

Path Traversal Vulnerability in CA Unified Infrastructure Management

CVE-2016-5803 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Learn more about our External Network Penetration Testing.